4 Answers
4

The second command cannot be executed in a default Ubuntu installation, where the root account is not enabled.

But supposing you have unlocked the root account giving him a password, the two commands could only differ in the environment and shell variable set, I think. Compare the output of env in the two situations, and maybe also the output of set to see the differences.

There's a subtle difference between the two. su root (which can be shortened to just su) runs the su command as the user who invoked it. sudo runs the specified command (su) as root. Running su as root is essentially a no-op, though it probably starts a new shell. Running sudo -i is a cleaner (in my opinion) way of running sudo su.

Also, as pointed out previously, there is no root password on a default Ubuntu installation, so invoking su by itself will fail.

Another difference; the sudo command uses YOUR password and you have to be authorized in the /etc/sudoers file. The sudoers file defines what commands you are allowed to execute using sudo. The su command uses the ROOT password. which must be known.

Depending on options you can pick up roots environment or carry yours forward.

I use "sudo bash" to get a root shell. That is almost identical (maybe is, I am not sure) to "sudo -i". The environment is controlled like this "sudo su - other_user" gets the environment for other_user. But "sudo su other_user" carries your environment forward under the UID of other_user. That means your aliases and such will be available.

Also, auditing results are different in the audit logs when using su versus sudo. More tracability with sudo. Lastly, for su you give the root password around and have a maintenance pain. If you authorize people with sudo, you just update the sudoers file to add or remove people and they only have to remember their own password. Sudoers also allows you to decide what others can do.